OESA-2026-2675 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix timeline left held on VMA alloc error The following error has been reported sporadically by CI when a test unbinds the i915 driver on a ring...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an cleanup error in manadestroywqobj within manaibcreateqprss. This vulnerability may lead to double...

CVE-2026-46053

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS network protocol. When handling memory registration MR cleanup, specifically during the process of copying generated cookies back to user space, an error in the cleanup path could lead to resources being freed multiple times. Th...

SUSE CVE-2026-43144

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential kernel oops when probe fails When probe of the sdio brcmfmac device fails for some reasons i.e. missing firmware, the sdiodev-bus is set to error instead of NULL, thus the cleanup later in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fixed the bug: KASAN: null-ptr-deref in rxeqpdocleanup. The function rxecreateqp calls rxeqpfrominit. If an error occurs, the error handler for rxeqpfrominit will set both scq and rcq to NULL. Then, rxecreateqp calls...

Linux Distros Unpatched Vulnerability : CVE-2026-31621

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bnge: return after auxiliarydeviceuninit in error path When auxiliarydeviceadd fails, the error block calls auxiliarydeviceuninit but does not return. The unini...

UBUNTU-CVE-2026-23386

In the Linux kernel, the following vulnerability has been resolved: gve: fix incorrect buffer cleanup in gvetxcleanpendingpackets for QPL In DQ-QPL mode, gvetxcleanpendingpackets incorrectly uses the RDA buffer cleanup path. It iterates numbufs times and attempts to unmap entries in the dma array...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper cleanup of message states when the sender’s actions are incorrect. This vulnerability may lead...

SUSE CVE-2026-23259

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: free potentially allocated iovec on cache put failure If a read/write request goes through ioreqrwcleanup and has an allocated iovec attached and fails to put to the rwcache, then it may end up with an unaccounted iov...

CVE-2023-54070

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

PT-2025-53154

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the ntfs3 filesystem when the ntfs read mft function fails under specific conditions. The issue arises from inconsistencies in setting flags...

Linux Distros Unpatched Vulnerability : CVE-2025-68215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the...

CVE-2025-62408 c-ares has a Use After Free vulnerability when connection is cleaned up after error

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

zx Uses Incorrectly-Resolved Name or Reference

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

CVE-2025-13437 Arbitrary node_modules Directory Deletion in Google zx

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./nodemodules pointing to /nodemodules. Due to a logic error in src/cli.ts linkNodeModules / cleanup, the function returns the target path instead of the alias symlink path. The later cleanup routine removes what it received...

kernel: wifi: ath12k: Decrement TID on RX peer frag setup error handling

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Decrement TID on RX peer frag setup error handling Currently, TID is not decremented before peer cleanup, during error handling path of ath12kdprxpeerfragsetup. This could lead to out-of-bounds access in peer-rxtid...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-407532)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-407532 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when jbd2cleanupjournaltail returns error In jbd2logwaitforspace, we...

EUVD-2022-54920

Malicious code in bioql PyPI...

EUVD-2022-55401

Malicious code in bioql PyPI...

EUVD-2025-27896

Malicious code in bioql PyPI...